diff --git a/.version b/.version
index 07660841e8..97b438251a 100644
--- a/.version
+++ b/.version
@@ -1 +1 @@
-19.8.0
\ No newline at end of file
+19.8.1
diff --git a/CHANGES.md b/CHANGES.md
new file mode 120000
index 0000000000..24299a0d3a
--- /dev/null
+++ b/CHANGES.md
@@ -0,0 +1 @@
+ChangeLogs/ChangeLog-19.8.1.md
\ No newline at end of file
diff --git a/ChangeLogs/ChangeLog-19.8.1.md b/ChangeLogs/ChangeLog-19.8.1.md
new file mode 100644
index 0000000000..39d7fe9506
--- /dev/null
+++ b/ChangeLogs/ChangeLog-19.8.1.md
@@ -0,0 +1,99 @@
+
+Change Log for Release 19.8.1
+========================================
+
+Links:
+----------------------------------------
+
+ - [Full ChangeLog](https://downloads.asterisk.org/pub/telephony/asterisk/releases/ChangeLog-19.8.1.md)
+ - [GitHub Diff](https://github.com/asterisk/asterisk/compare/19.8.0...19.8.1)
+ - [Tarball](https://downloads.asterisk.org/pub/telephony/asterisk/asterisk-19.8.1.tar.gz)
+ - [Downloads](https://downloads.asterisk.org/pub/telephony/asterisk)
+
+Summary:
+----------------------------------------
+
+- apply_patches: Use globbing instead of file/sort.
+- bundled_pjproject: Backport 2 SSL patches from upstream
+- bundled_pjproject: Backport security fixes from pjproject 2.13.1
+- apply_patches: Sort patch list before applying
+
+User Notes:
+----------------------------------------
+
+
+Upgrade Notes:
+----------------------------------------
+
+
+Closed Issues:
+----------------------------------------
+
+ - #188: [improvement]: pjsip: Upgrade bundled version to pjproject 2.13.1 #187
+ - #193: [bug]: third-party/apply-patches doesn't sort the patch file list before applying
+ - #194: [bug]: Segfault/double-free in bundled pjproject using TLS transport
+
+Commits By Author:
+----------------------------------------
+
+- ### George Joseph (3):
+ - apply_patches: Sort patch list before applying
+ - bundled_pjproject: Backport security fixes from pjproject 2.13.1
+ - bundled_pjproject: Backport 2 SSL patches from upstream
+
+- ### Sean Bright (1):
+ - apply_patches: Use globbing instead of file/sort.
+
+
+Detail:
+----------------------------------------
+
+- ### apply_patches: Use globbing instead of file/sort.
+ Author: Sean Bright
+ Date: 2023-07-06
+
+ This accomplishes the same thing as a `find ... | sort` but with the
+ added benefit of clarity and avoiding a call to a subshell.
+
+ Additionally drop the -s option from call to patch as it is not POSIX.
+
+- ### bundled_pjproject: Backport 2 SSL patches from upstream
+ Author: George Joseph
+ Date: 2023-07-06
+
+ * Fix double free of ossock->ossl_ctx in case of errors
+ https://github.com/pjsip/pjproject/commit/863629bc65d6
+
+ * free SSL context and reset context pointer when setting the cipher
+ list fails
+ https://github.com/pjsip/pjproject/commit/0fb32cd4c0b2
+
+ Resolves: #194
+
+- ### bundled_pjproject: Backport security fixes from pjproject 2.13.1
+ Author: George Joseph
+ Date: 2023-07-05
+
+ Merge-pull-request-from-GHSA-9pfh-r8x4-w26w.patch
+ Merge-pull-request-from-GHSA-cxwq-5g9x-x7fr.patch
+ Locking-fix-so-that-SSL_shutdown-and-SSL_write-are-n.patch
+ Don-t-call-SSL_shutdown-when-receiving-SSL_ERROR_SYS.patch
+
+ Resolves: #188
+
+- ### apply_patches: Sort patch list before applying
+ Author: George Joseph
+ Date: 2023-07-06
+
+ The apply_patches script wasn't sorting the list of patches in
+ the "patches" directory before applying them. This left the list
+ in an indeterminate order. In most cases, the list is actually
+ sorted but rarely, they can be out of order and cause dependent
+ patches to fail to apply.
+
+ We now sort the list but the "sort" program wasn't in the
+ configure scripts so we needed to add that and regenerate
+ the scripts as well.
+
+ Resolves: #193
+
diff --git a/CHANGES b/ChangeLogs/historical/CHANGES
similarity index 100%
rename from CHANGES
rename to ChangeLogs/historical/CHANGES
diff --git a/ChangeLog b/ChangeLogs/historical/ChangeLog
similarity index 100%
rename from ChangeLog
rename to ChangeLogs/historical/ChangeLog
diff --git a/UPGRADE.txt b/UPGRADE.txt
index be61364e37..8204d66831 100644
--- a/UPGRADE.txt
+++ b/UPGRADE.txt
@@ -1,3 +1,6 @@
+===== WARNING, THIS FILE IS OBSOLETE AND WILL BE REMOVED IN A FUTURE VERSION =====
+See 'Upgrade Notes' in the CHANGES file
+
===========================================================
===
=== THIS FILE IS AUTOMATICALLY GENERATED DURING THE RELEASE
diff --git a/asterisk-19.8.0-summary.html b/asterisk-19.8.0-summary.html
deleted file mode 100644
index ef35320ebb..0000000000
--- a/asterisk-19.8.0-summary.html
+++ /dev/null
@@ -1,187 +0,0 @@
-
Release Summary - asterisk-19.8.0asterisk-19.8.0
Date: 2023-01-12
<asteriskteam@digium.com>
Table of Contents
-- Summary
-- Contributors
-- Closed Issues
-- Open Issues
-- Other Changes
-- Diffstat
-
Summary
[Back to Top]This release is a point release of an existing major version. The changes included were made to address problems that have been identified in this release series, or are minor, backwards compatible new features or improvements. Users should be able to safely upgrade to this version if this release series is already in use. Users considering upgrading from a previous version are strongly encouraged to review the UPGRADE.txt document as well as the CHANGES document for information about upgrading to this release series.
The data in this summary reflects changes that have been made since the previous release, asterisk-19.7.0.
Contributors
[Back to Top]This table lists the people who have submitted code, those that have tested patches, as well as those that reported issues on the issue tracker that were resolved in this release. For coders, the number is how many of their patches (of any size) were committed into this release. For testers, the number is the number of times their name was listed as assisting with testing a patch. Finally, for reporters, the number is the number of issues that they reported that were affected by commits that went into this release.
-Coders | Testers | Reporters |
-18 Naveen Albert 6 George Joseph 5 Philip Prindeville 4 Asterisk Development Team 4 Mike Bradeen 2 Maximilian Fridrich 1 Birger Harzenetter (license 5870) 1 Holger Hans Peter Freyther 1 Igor Goncharovsky 1 Frederic LE FOLL 1 Alexandre Fournier 1 Jaco Kroon 1 Ben Ford 1 Henning Westerholt
| | 18 N A 4 Philip Prindeville 3 George Joseph 2 Michael Bradeen 2 Maximilian Fridrich 1 Igor Yeroshev 1 Alexandre Fournier 1 Igor Goncharovsky 1 Henning Westerholt 1 Frederic LE FOLL 1 shawty 1 David Woolley 1 nappsoft 1 Joshua C. Colp 1 Joeran Vinzens 1 Benjamin Keith Ford 1 Jesse Ross
|
-
Closed Issues
[Back to Top]This is a list of all issues from the issue tracker that were closed by changes that went into this release.
Security
Category: Addons/chan_ooh323
ASTERISK-30103: chan_ooh323 Vulnerability in calling/called party IE
Reported by: Michael Bradeen
-- [42ecf402a3] Mike Bradeen -- ooh323c: not checking for IE minimum length
-
Category: Core/ManagerInterface
ASTERISK-30176: manager: GetConfig can read files outside of Asterisk
Reported by: shawty
-- [764ca33473] Mike Bradeen -- manager: prevent file access outside of config dir
-
Category: pjproject/pjsip
ASTERISK-30338: pjproject: Backport security fixes from 2.13
Reported by: Benjamin Keith Ford
Improvement
Category: Core/Bridging
ASTERISK-30223: features: add no-answer option to Bridge application
Reported by: N A
-- [231f99b397] Naveen Albert -- features: Add no answer option to Bridge.
-
Category: Resources/res_pjsip
ASTERISK-30158: PJSIP: Add new 100rel option "peer_supported"
Reported by: Maximilian Fridrich
-- [2efcb5890e] Maximilian Fridrich -- res_pjsip: Add 100rel option "peer_supported".
-
Category: Resources/res_pjsip_geolocation
ASTERISK-30241: res_pjsip_gelocation: Downgrade some NOTICE scope trace debugs to DEBUG level
Reported by: N A
-- [0a0b141278] Naveen Albert -- res_pjsip_geolocation: Change some notices to debugs.
-
Bug
Category: Applications/app_saynumber
ASTERISK-30248: ast_get_digit_str adds bogus initial delimiter if first character not to be spoken
Reported by: David Woolley
-- [57b1f5a7c3] Naveen Albert -- say: Don't prepend ampersand erroneously.
-
Category: Applications/app_voicemail
ASTERISK-30248: ast_get_digit_str adds bogus initial delimiter if first character not to be spoken
Reported by: David Woolley
-- [57b1f5a7c3] Naveen Albert -- say: Don't prepend ampersand erroneously.
-
Category: Channels/chan_dahdi
ASTERISK-30274: chan_dahdi: Unavailable channels are BUSY
Reported by: N A
-- [3bae133afa] Naveen Albert -- chan_dahdi: Fix unavailable channels returning busy.
-
ASTERISK-30256: chan_dahdi: Fix format truncation warnings
Reported by: N A
-- [11d97dc5ca] Naveen Albert -- chan_dahdi: Resolve format truncation warning.
-
Category: Channels/chan_local
ASTERISK-30239: Prometheus plugin crashes Asterisk when using local channel
Reported by: Joeran Vinzens
-- [02be2a5f1a] Holger Hans Peter Freyther -- res_prometheus: Do not crash on invisible bridges
-
Category: Channels/chan_pjsip
ASTERISK-30193: chan_pjsip should return all codecs on a re-INVITE without SDP
Reported by: Henning Westerholt
-- [a6aebab79b] Henning Westerholt -- res_pjsip: return all codecs on a re-INVITE without SDP
-
Category: Core/AstDB
ASTERISK-30245: db: ListItems is incorrect
Reported by: N A
-- [aefb9fc216] Birger Harzenetter -- db: Fix incorrect DB tree count for AMI.
-
Category: Core/Dial
ASTERISK-30258: Dialing API: Cancel a running async thread, does not always cancel all calls
Reported by: Frederic LE FOLL
-- [83498bec35] Frederic LE FOLL -- Dialing API: Cancel a running async thread, may not cancel all calls
-
Category: Core/General
ASTERISK-30278: tcptls: Abort occurs if SSL error is logged if MALLOC_DEBUG is enabled
Reported by: N A
-- [e553546eff] Naveen Albert -- tcptls: Prevent crash when freeing OpenSSL errors.
-
Category: Core/HTTP
ASTERISK-30278: tcptls: Abort occurs if SSL error is logged if MALLOC_DEBUG is enabled
Reported by: N A
-- [e553546eff] Naveen Albert -- tcptls: Prevent crash when freeing OpenSSL errors.
-
Category: Functions/General
ASTERISK-30220: func_scramble: Fix segfault due to null pointer deref
Reported by: N A
-- [086b1abf66] Naveen Albert -- func_scramble: Fix null pointer dereference.
-
Category: Functions/func_logic
ASTERISK-30243: func_logic: IF function complains if both branches are empty
Reported by: N A
-- [9ba789d297] Naveen Albert -- func_logic: Don't emit warning if both IF branches are empty.
-
Category: Resources/General
ASTERISK-30239: Prometheus plugin crashes Asterisk when using local channel
Reported by: Joeran Vinzens
-- [02be2a5f1a] Holger Hans Peter Freyther -- res_prometheus: Do not crash on invisible bridges
-
ASTERISK-30237: res_prometheus: Crash when scraping bridges
Reported by: Igor Yeroshev
-- [02be2a5f1a] Holger Hans Peter Freyther -- res_prometheus: Do not crash on invisible bridges
-
Category: Resources/res_ari_channels
ASTERISK-30237: res_prometheus: Crash when scraping bridges
Reported by: Igor Yeroshev
-- [02be2a5f1a] Holger Hans Peter Freyther -- res_prometheus: Do not crash on invisible bridges
-
Category: Resources/res_crypto
ASTERISK-30213: Make crypto_load() reentrant and handle symlinks correctly
Reported by: Philip Prindeville
-- [23a4135fe7] Philip Prindeville -- res_crypto: handle unsafe private key files
-- [44684fdd51] Philip Prindeville -- res_crypto: don't modify fname in try_load_key()
-- [109c2335ef] Philip Prindeville -- res_crypto: use ast_file_read_dirs() to iterate
-
ASTERISK-30235: res_crypto and tests: Memory issues and and uninitialized variable error
Reported by: George Joseph
-- [f09b9e6678] George Joseph -- res_crypto: Memory issues and uninitialized variable errors
-
ASTERISK-30226: REGRESSION: res_crypto complains about the stir_shaken directory in /var/lib/asterisk/keys
Reported by: George Joseph
-- [70489083b1] Philip Prindeville -- res_crypto: don't complain about directories
-
Category: Resources/res_geolocation
ASTERISK-30234: res_geolocation: ...may be used uninitialized error in geoloc_config.c
Reported by: George Joseph
-- [c2a343b8c9] George Joseph -- res_geolocation: Fix issues exposed by compiling with -O2
-
Category: Resources/res_pjsip
ASTERISK-30369: res_pjsip: Websockets from same IP shut down when they shouldn't be
Reported by: Joshua C. Colp
-- [7129752201] George Joseph -- res_pjsip_transport_websocket: Add remote port to transport
-
Category: Resources/res_pjsip_exten_state
ASTERISK-30264: res_pjsip: Subscription handlers do not get cleanly unregistered, causing crash
Reported by: N A
-- [8bea5052db] Naveen Albert -- res_pjsip_pubsub: Prevent removing subscriptions.
-
Category: Resources/res_pjsip_mwi
ASTERISK-30264: res_pjsip: Subscription handlers do not get cleanly unregistered, causing crash
Reported by: N A
-- [8bea5052db] Naveen Albert -- res_pjsip_pubsub: Prevent removing subscriptions.
-
Category: Resources/res_pjsip_outbound_registration
ASTERISK-30217: Registration do not allow multiple proxies
Reported by: Igor Goncharovsky
-- [09af7e0aca] Igor Goncharovsky -- res_pjsip_outbound_registration: Allow to use multiple proxies for registration
-
Category: Resources/res_pjsip_pubsub
ASTERISK-30244: res_pjsip_pubsub: Occasional crash when TCP/TLS connection terminated and subscription persistence is removed
Reported by: nappsoft
-- [69c2459c33] George Joseph -- pjsip_transport_events: Fix possible use after free on transport
-
Category: Tests/General
ASTERISK-30232: Initialize stack-based ast_test_capture structures correctly
Reported by: Philip Prindeville
-- [1d6e7c6843] Philip Prindeville -- test: initialize capture structure before freeing
-
Category: Tests/Portability
ASTERISK-30273: test_mwi: compilation fails on 32-bit Debian
Reported by: N A
-- [025dbcfd68] Naveen Albert -- tests: Fix compilation errors on 32-bit.
-
Category: pjproject/pjsip
ASTERISK-28689: res_pjsip: Crash when locking group lock when sending stateful response
Reported by: Jesse Ross
-- [d7dae7b1fc] Mike Bradeen -- res_pjsip: prevent crash on websocket disconnect
-
New Feature
Category: Applications/app_amd
ASTERISK-30179: app_amd: Allow audio to be played while AMD is running
Reported by: N A
-- [fd5683f74b] Naveen Albert -- app_amd: Add option to play audio during AMD.
-
Category: Applications/app_bridgewait
ASTERISK-30216: app_bridgewait: Add option for BridgeWait to not answer
Reported by: N A
-- [999b162786] Naveen Albert -- app_bridgewait: Add option to not answer channel.
-
Category: CDR/General
ASTERISK-30091: cdr: Allow CDRs to ignore call state changes
Reported by: N A
-- [b397dc3ca3] Naveen Albert -- cdr: Allow bridging and dial state changes to be ignored.
-
Category: Functions/NewFeature
ASTERISK-29432: New function to allow access to any channel
Reported by: N A
-- [5199a70c07] Naveen Albert -- func_export: Add EXPORT function
-
Category: Functions/func_strings
ASTERISK-30222: func_strings: Add trim functions
Reported by: N A
-- [0bf6d7af33] Naveen Albert -- func_strings: Add trim functions.
-
Category: Resources/General
ASTERISK-30254: res_tonedetect: Add audible ringback detection to TONE_DETECT
Reported by: N A
-- [f9297117d9] Naveen Albert -- res_tonedetect: Add ringback support to TONE_DETECT.
-
Category: Resources/res_pjsip
ASTERISK-30032: Support of mediasec SIP headers and SDP attributes
Reported by: Maximilian Fridrich
-- [6170073800] Maximilian Fridrich -- res_pjsip: Add mediasec capabilities.
-
Category: Resources/res_pjsip_logger
ASTERISK-30146: res_pjsip_logger: Add method-based log filtering
Reported by: N A
-- [05a7b4132a] Naveen Albert -- res_pjsip_logger: Add method-based logging option.
-
Category: Resources/res_pjsip_notify
ASTERISK-30263: res_pjsip_notify: Allow using pjsip_notify.conf from AMI
Reported by: N A
-- [a0dd8c27b5] Naveen Albert -- res_pjsip_notify: Add option support for AMI.
-
Open Issues
[Back to Top]This is a list of all open issues from the issue tracker that were referenced by changes that went into this release.
Bug
Category: Resources/res_geolocation
ASTERISK-30346: Fix NULL dereferencing issue in Geolocation
Reported by: Alexandre Fournier
-- [c900a7dc39] Alexandre Fournier -- res_geoloc: fix NULL pointer dereference bug
-
Category: Resources/res_stasis_snoop
ASTERISK-30252: Unidirectional snoop on resampled channel causes garbled audio
Reported by: Michael Bradeen
-- [f61dbd566b] Mike Bradeen -- audiohook: add directional awareness
-
Commits Not Associated with an Issue
[Back to Top]This is a list of all changes that went into this release that did not reference a JIRA issue.
-Revision | Author | Summary |
-b40f0f6fce | Asterisk Development Team | Update for 19.8.0-rc2 |
-1eee96543b | Asterisk Development Team | Update for 19.8.0-rc1 |
-c4703f070a | Asterisk Development Team | Update CHANGES and UPGRADE.txt for 19.8.0 |
-54cafbc67f | George Joseph | res_geolocation: Update wiki documentation |
-2209afddb9 | Asterisk Development Team | Update CHANGES and UPGRADE.txt for 19.7.0 |
-95a25fddac | George Joseph | manager.h: Bump version to 8.0.2 |
-ef20afda63 | Jaco Kroon | manager: be more aggressive about purging http sessions. |
-
Diffstat Results
[Back to Top]This is a summary of the changes to the source code that went into this release that was generated using the diffstat utility.
asterisk-19.7.0-summary.html | 212 ---
-asterisk-19.7.0-summary.txt | 528 --------
-b/.version | 2
-b/CHANGES | 84 +
-b/ChangeLog | 631 +++++++++-
-b/UPGRADE.txt | 13
-b/addons/ooh323c/src/ooq931.c | 15
-b/apps/app_amd.c | 51
-b/apps/app_bridgewait.c | 9
-b/asterisk-19.8.0-rc2-summary.html | 11
-b/asterisk-19.8.0-rc2-summary.txt | 82 +
-b/channels/chan_dahdi.c | 9
-b/configs/samples/amd.conf.sample | 7
-b/configs/samples/asterisk.conf.sample | 11
-b/configs/samples/cdr.conf.sample | 11
-b/configs/samples/geolocation.conf.sample | 2
-b/configs/samples/pjsip.conf.sample | 7
-b/contrib/ast-db-manage/config/versions/417c0247fd7e_add_security_negotiation_and_security_.py | 49
-b/contrib/ast-db-manage/config/versions/539f68bede2c_add_peer_supported_to_100rel.py | 57
-b/contrib/ast-db-manage/config/versions/ccf795ee535f_all_codecs_on_empty_reinvite.py | 37
-b/contrib/realtime/mysql/mysql_config.sql | 24
-b/contrib/realtime/postgresql/postgresql_config.sql | 30
-b/funcs/func_export.c | 107 +
-b/funcs/func_logic.c | 3
-b/funcs/func_sayfiles.c | 9
-b/funcs/func_scramble.c | 1
-b/funcs/func_strings.c | 186 ++
-b/include/asterisk/audiohook.h | 9
-b/include/asterisk/cdr.h | 2
-b/include/asterisk/manager.h | 12
-b/include/asterisk/res_pjsip.h | 237 +++
-b/include/asterisk/res_pjsip_session.h | 2
-b/include/asterisk/test.h | 10
-b/main/audiohook.c | 22
-b/main/cdr.c | 86 +
-b/main/db.c | 4
-b/main/dial.c | 9
-b/main/features.c | 28
-b/main/manager.c | 61
-b/main/options.c | 1
-b/main/say.c | 6
-b/main/tcptls.c | 2
-b/main/test.c | 9
-b/res/prometheus/bridges.c | 12
-b/res/res_crypto.c | 75 -
-b/res/res_geolocation/geoloc_datastore.c | 4
-b/res/res_geolocation/wiki/AsteriskImplementation.md | 251 +++
-b/res/res_geolocation/wiki/GML.md | 38
-b/res/res_geolocation/wiki/Geolocation.md | 2
-b/res/res_geolocation/wiki/README.txt | 31
-b/res/res_geolocation/wiki/URI.md | 5
-b/res/res_pjsip.c | 47
-b/res/res_pjsip/config_global.c | 21
-b/res/res_pjsip/pjsip_config.xml | 55
-b/res/res_pjsip/pjsip_configuration.c | 44
-b/res/res_pjsip/pjsip_options.c | 5
-b/res/res_pjsip/pjsip_transport_events.c | 214 +++
-b/res/res_pjsip/security_agreements.c | 340 +++++
-b/res/res_pjsip_exten_state.c | 13
-b/res/res_pjsip_logger.c | 165 ++
-b/res/res_pjsip_mwi.c | 13
-b/res/res_pjsip_notify.c | 165 +-
-b/res/res_pjsip_outbound_authenticator_digest.c | 4
-b/res/res_pjsip_outbound_registration.c | 249 +++
-b/res/res_pjsip_pubsub.c | 25
-b/res/res_pjsip_rfc3329.c | 150 ++
-b/res/res_pjsip_sdp_rtp.c | 6
-b/res/res_pjsip_session.c | 74 -
-b/res/res_pjsip_transport_websocket.c | 1
-b/res/res_stasis_snoop.c | 22
-b/res/res_tonedetect.c | 25
-b/tests/test_crypto.c | 19
-b/tests/test_mwi.c | 4
-b/tests/test_stasis.c | 2
-b/tests/test_stasis_state.c | 8
-b/third-party/pjproject/patches/0200-potential-buffer-overflow-in-pjlib-scanner-and-pjmedia.patch | 306 ++++
-b/third-party/pjproject/patches/0201-potential-stack-buffer-overflow-when-parsing-message-as-a-STUN-client.patch | 24
-77 files changed, 4028 insertions(+), 1079 deletions(-)
\ No newline at end of file
diff --git a/asterisk-19.8.0-summary.txt b/asterisk-19.8.0-summary.txt
deleted file mode 100644
index c7d5570cc2..0000000000
--- a/asterisk-19.8.0-summary.txt
+++ /dev/null
@@ -1,535 +0,0 @@
- Release Summary
-
- asterisk-19.8.0
-
- Date: 2023-01-12
-
-
-
- ----------------------------------------------------------------------
-
- Table of Contents
-
- 1. Summary
- 2. Contributors
- 3. Closed Issues
- 4. Open Issues
- 5. Other Changes
- 6. Diffstat
-
- ----------------------------------------------------------------------
-
- Summary
-
- [Back to Top]
-
- This release is a point release of an existing major version. The changes
- included were made to address problems that have been identified in this
- release series, or are minor, backwards compatible new features or
- improvements. Users should be able to safely upgrade to this version if
- this release series is already in use. Users considering upgrading from a
- previous version are strongly encouraged to review the UPGRADE.txt
- document as well as the CHANGES document for information about upgrading
- to this release series.
-
- The data in this summary reflects changes that have been made since the
- previous release, asterisk-19.7.0.
-
- ----------------------------------------------------------------------
-
- Contributors
-
- [Back to Top]
-
- This table lists the people who have submitted code, those that have
- tested patches, as well as those that reported issues on the issue tracker
- that were resolved in this release. For coders, the number is how many of
- their patches (of any size) were committed into this release. For testers,
- the number is the number of times their name was listed as assisting with
- testing a patch. Finally, for reporters, the number is the number of
- issues that they reported that were affected by commits that went into
- this release.
-
- Coders Testers Reporters
- 18 Naveen Albert 18 N A
- 6 George Joseph 4 Philip Prindeville
- 5 Philip Prindeville 3 George Joseph
- 4 Asterisk Development Team 2 Michael Bradeen
- 4 Mike Bradeen 2 Maximilian Fridrich
- 2 Maximilian Fridrich 1 Igor Yeroshev
- 1 Birger Harzenetter (license 5870) 1 Alexandre Fournier
- 1 Holger Hans Peter Freyther 1 Igor Goncharovsky
- 1 Igor Goncharovsky 1 Henning Westerholt
- 1 Frederic LE FOLL 1 Frederic LE FOLL
- 1 Alexandre Fournier 1 shawty
- 1 Jaco Kroon 1 David Woolley
- 1 Ben Ford 1 nappsoft
- 1 Henning Westerholt 1 Joshua C. Colp
- 1 Joeran Vinzens
- 1 Benjamin Keith Ford
- 1 Jesse Ross
-
- ----------------------------------------------------------------------
-
- Closed Issues
-
- [Back to Top]
-
- This is a list of all issues from the issue tracker that were closed by
- changes that went into this release.
-
- Security
-
- Category: Addons/chan_ooh323
-
- ASTERISK-30103: chan_ooh323 Vulnerability in calling/called party IE
- Reported by: Michael Bradeen
- * [42ecf402a3] Mike Bradeen -- ooh323c: not checking for IE minimum
- length
-
- Category: Core/ManagerInterface
-
- ASTERISK-30176: manager: GetConfig can read files outside of Asterisk
- Reported by: shawty
- * [764ca33473] Mike Bradeen -- manager: prevent file access outside of
- config dir
-
- Category: pjproject/pjsip
-
- ASTERISK-30338: pjproject: Backport security fixes from 2.13
- Reported by: Benjamin Keith Ford
- * [1c8f57e298] Ben Ford -- pjproject: 2.13 security fixes
-
- Improvement
-
- Category: Core/Bridging
-
- ASTERISK-30223: features: add no-answer option to Bridge application
- Reported by: N A
- * [231f99b397] Naveen Albert -- features: Add no answer option to
- Bridge.
-
- Category: Resources/res_pjsip
-
- ASTERISK-30158: PJSIP: Add new 100rel option "peer_supported"
- Reported by: Maximilian Fridrich
- * [2efcb5890e] Maximilian Fridrich -- res_pjsip: Add 100rel option
- "peer_supported".
-
- Category: Resources/res_pjsip_geolocation
-
- ASTERISK-30241: res_pjsip_gelocation: Downgrade some NOTICE scope trace
- debugs to DEBUG level
- Reported by: N A
- * [0a0b141278] Naveen Albert -- res_pjsip_geolocation: Change some
- notices to debugs.
-
- Bug
-
- Category: Applications/app_saynumber
-
- ASTERISK-30248: ast_get_digit_str adds bogus initial delimiter if first
- character not to be spoken
- Reported by: David Woolley
- * [57b1f5a7c3] Naveen Albert -- say: Don't prepend ampersand
- erroneously.
-
- Category: Applications/app_voicemail
-
- ASTERISK-30248: ast_get_digit_str adds bogus initial delimiter if first
- character not to be spoken
- Reported by: David Woolley
- * [57b1f5a7c3] Naveen Albert -- say: Don't prepend ampersand
- erroneously.
-
- Category: Channels/chan_dahdi
-
- ASTERISK-30274: chan_dahdi: Unavailable channels are BUSY
- Reported by: N A
- * [3bae133afa] Naveen Albert -- chan_dahdi: Fix unavailable channels
- returning busy.
- ASTERISK-30256: chan_dahdi: Fix format truncation warnings
- Reported by: N A
- * [11d97dc5ca] Naveen Albert -- chan_dahdi: Resolve format truncation
- warning.
-
- Category: Channels/chan_local
-
- ASTERISK-30239: Prometheus plugin crashes Asterisk when using local
- channel
- Reported by: Joeran Vinzens
- * [02be2a5f1a] Holger Hans Peter Freyther -- res_prometheus: Do not
- crash on invisible bridges
-
- Category: Channels/chan_pjsip
-
- ASTERISK-30193: chan_pjsip should return all codecs on a re-INVITE without
- SDP
- Reported by: Henning Westerholt
- * [a6aebab79b] Henning Westerholt -- res_pjsip: return all codecs on a
- re-INVITE without SDP
-
- Category: Core/AstDB
-
- ASTERISK-30245: db: ListItems is incorrect
- Reported by: N A
- * [aefb9fc216] Birger Harzenetter -- db: Fix incorrect DB tree count for
- AMI.
-
- Category: Core/Dial
-
- ASTERISK-30258: Dialing API: Cancel a running async thread, does not
- always cancel all calls
- Reported by: Frederic LE FOLL
- * [83498bec35] Frederic LE FOLL -- Dialing API: Cancel a running async
- thread, may not cancel all calls
-
- Category: Core/General
-
- ASTERISK-30278: tcptls: Abort occurs if SSL error is logged if
- MALLOC_DEBUG is enabled
- Reported by: N A
- * [e553546eff] Naveen Albert -- tcptls: Prevent crash when freeing
- OpenSSL errors.
-
- Category: Core/HTTP
-
- ASTERISK-30278: tcptls: Abort occurs if SSL error is logged if
- MALLOC_DEBUG is enabled
- Reported by: N A
- * [e553546eff] Naveen Albert -- tcptls: Prevent crash when freeing
- OpenSSL errors.
-
- Category: Functions/General
-
- ASTERISK-30220: func_scramble: Fix segfault due to null pointer deref
- Reported by: N A
- * [086b1abf66] Naveen Albert -- func_scramble: Fix null pointer
- dereference.
-
- Category: Functions/func_logic
-
- ASTERISK-30243: func_logic: IF function complains if both branches are
- empty
- Reported by: N A
- * [9ba789d297] Naveen Albert -- func_logic: Don't emit warning if both
- IF branches are empty.
-
- Category: Resources/General
-
- ASTERISK-30239: Prometheus plugin crashes Asterisk when using local
- channel
- Reported by: Joeran Vinzens
- * [02be2a5f1a] Holger Hans Peter Freyther -- res_prometheus: Do not
- crash on invisible bridges
- ASTERISK-30237: res_prometheus: Crash when scraping bridges
- Reported by: Igor Yeroshev
- * [02be2a5f1a] Holger Hans Peter Freyther -- res_prometheus: Do not
- crash on invisible bridges
-
- Category: Resources/res_ari_channels
-
- ASTERISK-30237: res_prometheus: Crash when scraping bridges
- Reported by: Igor Yeroshev
- * [02be2a5f1a] Holger Hans Peter Freyther -- res_prometheus: Do not
- crash on invisible bridges
-
- Category: Resources/res_crypto
-
- ASTERISK-30213: Make crypto_load() reentrant and handle symlinks correctly
- Reported by: Philip Prindeville
- * [23a4135fe7] Philip Prindeville -- res_crypto: handle unsafe private
- key files
- * [44684fdd51] Philip Prindeville -- res_crypto: don't modify fname in
- try_load_key()
- * [109c2335ef] Philip Prindeville -- res_crypto: use
- ast_file_read_dirs() to iterate
- ASTERISK-30235: res_crypto and tests: Memory issues and and uninitialized
- variable error
- Reported by: George Joseph
- * [f09b9e6678] George Joseph -- res_crypto: Memory issues and
- uninitialized variable errors
- ASTERISK-30226: REGRESSION: res_crypto complains about the stir_shaken
- directory in /var/lib/asterisk/keys
- Reported by: George Joseph
- * [70489083b1] Philip Prindeville -- res_crypto: don't complain about
- directories
-
- Category: Resources/res_geolocation
-
- ASTERISK-30234: res_geolocation: ...may be used uninitialized error in
- geoloc_config.c
- Reported by: George Joseph
- * [c2a343b8c9] George Joseph -- res_geolocation: Fix issues exposed by
- compiling with -O2
-
- Category: Resources/res_pjsip
-
- ASTERISK-30369: res_pjsip: Websockets from same IP shut down when they
- shouldn't be
- Reported by: Joshua C. Colp
- * [7129752201] George Joseph -- res_pjsip_transport_websocket: Add
- remote port to transport
-
- Category: Resources/res_pjsip_exten_state
-
- ASTERISK-30264: res_pjsip: Subscription handlers do not get cleanly
- unregistered, causing crash
- Reported by: N A
- * [8bea5052db] Naveen Albert -- res_pjsip_pubsub: Prevent removing
- subscriptions.
-
- Category: Resources/res_pjsip_mwi
-
- ASTERISK-30264: res_pjsip: Subscription handlers do not get cleanly
- unregistered, causing crash
- Reported by: N A
- * [8bea5052db] Naveen Albert -- res_pjsip_pubsub: Prevent removing
- subscriptions.
-
- Category: Resources/res_pjsip_outbound_registration
-
- ASTERISK-30217: Registration do not allow multiple proxies
- Reported by: Igor Goncharovsky
- * [09af7e0aca] Igor Goncharovsky -- res_pjsip_outbound_registration:
- Allow to use multiple proxies for registration
-
- Category: Resources/res_pjsip_pubsub
-
- ASTERISK-30244: res_pjsip_pubsub: Occasional crash when TCP/TLS connection
- terminated and subscription persistence is removed
- Reported by: nappsoft
- * [69c2459c33] George Joseph -- pjsip_transport_events: Fix possible use
- after free on transport
-
- Category: Tests/General
-
- ASTERISK-30232: Initialize stack-based ast_test_capture structures
- correctly
- Reported by: Philip Prindeville
- * [1d6e7c6843] Philip Prindeville -- test: initialize capture structure
- before freeing
-
- Category: Tests/Portability
-
- ASTERISK-30273: test_mwi: compilation fails on 32-bit Debian
- Reported by: N A
- * [025dbcfd68] Naveen Albert -- tests: Fix compilation errors on 32-bit.
-
- Category: pjproject/pjsip
-
- ASTERISK-28689: res_pjsip: Crash when locking group lock when sending
- stateful response
- Reported by: Jesse Ross
- * [d7dae7b1fc] Mike Bradeen -- res_pjsip: prevent crash on websocket
- disconnect
-
- New Feature
-
- Category: Applications/app_amd
-
- ASTERISK-30179: app_amd: Allow audio to be played while AMD is running
- Reported by: N A
- * [fd5683f74b] Naveen Albert -- app_amd: Add option to play audio during
- AMD.
-
- Category: Applications/app_bridgewait
-
- ASTERISK-30216: app_bridgewait: Add option for BridgeWait to not answer
- Reported by: N A
- * [999b162786] Naveen Albert -- app_bridgewait: Add option to not answer
- channel.
-
- Category: CDR/General
-
- ASTERISK-30091: cdr: Allow CDRs to ignore call state changes
- Reported by: N A
- * [b397dc3ca3] Naveen Albert -- cdr: Allow bridging and dial state
- changes to be ignored.
-
- Category: Functions/NewFeature
-
- ASTERISK-29432: New function to allow access to any channel
- Reported by: N A
- * [5199a70c07] Naveen Albert -- func_export: Add EXPORT function
-
- Category: Functions/func_strings
-
- ASTERISK-30222: func_strings: Add trim functions
- Reported by: N A
- * [0bf6d7af33] Naveen Albert -- func_strings: Add trim functions.
-
- Category: Resources/General
-
- ASTERISK-30254: res_tonedetect: Add audible ringback detection to
- TONE_DETECT
- Reported by: N A
- * [f9297117d9] Naveen Albert -- res_tonedetect: Add ringback support to
- TONE_DETECT.
-
- Category: Resources/res_pjsip
-
- ASTERISK-30032: Support of mediasec SIP headers and SDP attributes
- Reported by: Maximilian Fridrich
- * [6170073800] Maximilian Fridrich -- res_pjsip: Add mediasec
- capabilities.
-
- Category: Resources/res_pjsip_logger
-
- ASTERISK-30146: res_pjsip_logger: Add method-based log filtering
- Reported by: N A
- * [05a7b4132a] Naveen Albert -- res_pjsip_logger: Add method-based
- logging option.
-
- Category: Resources/res_pjsip_notify
-
- ASTERISK-30263: res_pjsip_notify: Allow using pjsip_notify.conf from AMI
- Reported by: N A
- * [a0dd8c27b5] Naveen Albert -- res_pjsip_notify: Add option support for
- AMI.
-
- ----------------------------------------------------------------------
-
- Open Issues
-
- [Back to Top]
-
- This is a list of all open issues from the issue tracker that were
- referenced by changes that went into this release.
-
- Bug
-
- Category: Resources/res_geolocation
-
- ASTERISK-30346: Fix NULL dereferencing issue in Geolocation
- Reported by: Alexandre Fournier
- * [c900a7dc39] Alexandre Fournier -- res_geoloc: fix NULL pointer
- dereference bug
-
- Category: Resources/res_stasis_snoop
-
- ASTERISK-30252: Unidirectional snoop on resampled channel causes garbled
- audio
- Reported by: Michael Bradeen
- * [f61dbd566b] Mike Bradeen -- audiohook: add directional awareness
-
- ----------------------------------------------------------------------
-
- Commits Not Associated with an Issue
-
- [Back to Top]
-
- This is a list of all changes that went into this release that did not
- reference a JIRA issue.
-
- +------------------------------------------------------------------------+
- | Revision | Author | Summary |
- |------------+----------------------+------------------------------------|
- | b40f0f6fce | Asterisk Development | Update for 19.8.0-rc2 |
- | | Team | |
- |------------+----------------------+------------------------------------|
- | 1eee96543b | Asterisk Development | Update for 19.8.0-rc1 |
- | | Team | |
- |------------+----------------------+------------------------------------|
- | c4703f070a | Asterisk Development | Update CHANGES and UPGRADE.txt for |
- | | Team | 19.8.0 |
- |------------+----------------------+------------------------------------|
- | 54cafbc67f | George Joseph | res_geolocation: Update wiki |
- | | | documentation |
- |------------+----------------------+------------------------------------|
- | 2209afddb9 | Asterisk Development | Update CHANGES and UPGRADE.txt for |
- | | Team | 19.7.0 |
- |------------+----------------------+------------------------------------|
- | 95a25fddac | George Joseph | manager.h: Bump version to 8.0.2 |
- |------------+----------------------+------------------------------------|
- | ef20afda63 | Jaco Kroon | manager: be more aggressive about |
- | | | purging http sessions. |
- +------------------------------------------------------------------------+
-
- ----------------------------------------------------------------------
-
- Diffstat Results
-
- [Back to Top]
-
- This is a summary of the changes to the source code that went into this
- release that was generated using the diffstat utility.
-
- asterisk-19.7.0-summary.html | 212 ---
- asterisk-19.7.0-summary.txt | 528 --------
- b/.version | 2
- b/CHANGES | 84 +
- b/ChangeLog | 631 +++++++++-
- b/UPGRADE.txt | 13
- b/addons/ooh323c/src/ooq931.c | 15
- b/apps/app_amd.c | 51
- b/apps/app_bridgewait.c | 9
- b/asterisk-19.8.0-rc2-summary.html | 11
- b/asterisk-19.8.0-rc2-summary.txt | 82 +
- b/channels/chan_dahdi.c | 9
- b/configs/samples/amd.conf.sample | 7
- b/configs/samples/asterisk.conf.sample | 11
- b/configs/samples/cdr.conf.sample | 11
- b/configs/samples/geolocation.conf.sample | 2
- b/configs/samples/pjsip.conf.sample | 7
- b/contrib/ast-db-manage/config/versions/417c0247fd7e_add_security_negotiation_and_security_.py | 49
- b/contrib/ast-db-manage/config/versions/539f68bede2c_add_peer_supported_to_100rel.py | 57
- b/contrib/ast-db-manage/config/versions/ccf795ee535f_all_codecs_on_empty_reinvite.py | 37
- b/contrib/realtime/mysql/mysql_config.sql | 24
- b/contrib/realtime/postgresql/postgresql_config.sql | 30
- b/funcs/func_export.c | 107 +
- b/funcs/func_logic.c | 3
- b/funcs/func_sayfiles.c | 9
- b/funcs/func_scramble.c | 1
- b/funcs/func_strings.c | 186 ++
- b/include/asterisk/audiohook.h | 9
- b/include/asterisk/cdr.h | 2
- b/include/asterisk/manager.h | 12
- b/include/asterisk/res_pjsip.h | 237 +++
- b/include/asterisk/res_pjsip_session.h | 2
- b/include/asterisk/test.h | 10
- b/main/audiohook.c | 22
- b/main/cdr.c | 86 +
- b/main/db.c | 4
- b/main/dial.c | 9
- b/main/features.c | 28
- b/main/manager.c | 61
- b/main/options.c | 1
- b/main/say.c | 6
- b/main/tcptls.c | 2
- b/main/test.c | 9
- b/res/prometheus/bridges.c | 12
- b/res/res_crypto.c | 75 -
- b/res/res_geolocation/geoloc_datastore.c | 4
- b/res/res_geolocation/wiki/AsteriskImplementation.md | 251 +++
- b/res/res_geolocation/wiki/GML.md | 38
- b/res/res_geolocation/wiki/Geolocation.md | 2
- b/res/res_geolocation/wiki/README.txt | 31
- b/res/res_geolocation/wiki/URI.md | 5
- b/res/res_pjsip.c | 47
- b/res/res_pjsip/config_global.c | 21
- b/res/res_pjsip/pjsip_config.xml | 55
- b/res/res_pjsip/pjsip_configuration.c | 44
- b/res/res_pjsip/pjsip_options.c | 5
- b/res/res_pjsip/pjsip_transport_events.c | 214 +++
- b/res/res_pjsip/security_agreements.c | 340 +++++
- b/res/res_pjsip_exten_state.c | 13
- b/res/res_pjsip_logger.c | 165 ++
- b/res/res_pjsip_mwi.c | 13
- b/res/res_pjsip_notify.c | 165 +-
- b/res/res_pjsip_outbound_authenticator_digest.c | 4
- b/res/res_pjsip_outbound_registration.c | 249 +++
- b/res/res_pjsip_pubsub.c | 25
- b/res/res_pjsip_rfc3329.c | 150 ++
- b/res/res_pjsip_sdp_rtp.c | 6
- b/res/res_pjsip_session.c | 74 -
- b/res/res_pjsip_transport_websocket.c | 1
- b/res/res_stasis_snoop.c | 22
- b/res/res_tonedetect.c | 25
- b/tests/test_crypto.c | 19
- b/tests/test_mwi.c | 4
- b/tests/test_stasis.c | 2
- b/tests/test_stasis_state.c | 8
- b/third-party/pjproject/patches/0200-potential-buffer-overflow-in-pjlib-scanner-and-pjmedia.patch | 306 ++++
- b/third-party/pjproject/patches/0201-potential-stack-buffer-overflow-when-parsing-message-as-a-STUN-client.patch | 24
- 77 files changed, 4028 insertions(+), 1079 deletions(-)
diff --git a/contrib/realtime/mysql/mysql_queue_log.sql b/contrib/realtime/mysql/mysql_queue_log.sql
new file mode 100644
index 0000000000..13dde964c2
--- /dev/null
+++ b/contrib/realtime/mysql/mysql_queue_log.sql
@@ -0,0 +1,29 @@
+BEGIN;
+
+CREATE TABLE alembic_version (
+ version_num VARCHAR(32) NOT NULL,
+ CONSTRAINT alembic_version_pkc PRIMARY KEY (version_num)
+);
+
+-- Running upgrade -> 4105ee839f58
+
+CREATE TABLE queue_log (
+ id BIGSERIAL NOT NULL,
+ time TIMESTAMP WITHOUT TIME ZONE,
+ callid VARCHAR(80),
+ queuename VARCHAR(256),
+ agent VARCHAR(80),
+ event VARCHAR(32),
+ data1 VARCHAR(100),
+ data2 VARCHAR(100),
+ data3 VARCHAR(100),
+ data4 VARCHAR(100),
+ data5 VARCHAR(100),
+ PRIMARY KEY (id),
+ UNIQUE (id)
+);
+
+INSERT INTO alembic_version (version_num) VALUES ('4105ee839f58');
+
+COMMIT;
+
diff --git a/contrib/realtime/postgresql/postgresql_queue_log.sql b/contrib/realtime/postgresql/postgresql_queue_log.sql
new file mode 100644
index 0000000000..13dde964c2
--- /dev/null
+++ b/contrib/realtime/postgresql/postgresql_queue_log.sql
@@ -0,0 +1,29 @@
+BEGIN;
+
+CREATE TABLE alembic_version (
+ version_num VARCHAR(32) NOT NULL,
+ CONSTRAINT alembic_version_pkc PRIMARY KEY (version_num)
+);
+
+-- Running upgrade -> 4105ee839f58
+
+CREATE TABLE queue_log (
+ id BIGSERIAL NOT NULL,
+ time TIMESTAMP WITHOUT TIME ZONE,
+ callid VARCHAR(80),
+ queuename VARCHAR(256),
+ agent VARCHAR(80),
+ event VARCHAR(32),
+ data1 VARCHAR(100),
+ data2 VARCHAR(100),
+ data3 VARCHAR(100),
+ data4 VARCHAR(100),
+ data5 VARCHAR(100),
+ PRIMARY KEY (id),
+ UNIQUE (id)
+);
+
+INSERT INTO alembic_version (version_num) VALUES ('4105ee839f58');
+
+COMMIT;
+